Security News > 2021 > October

98% of U.S. executives report that their organizations experienced at least one cyber event in the past year, compared to a slightly lower rate of 84% among non-U.S. executives, according to a Deloitte survey. Further, COVID-19 pandemic disruption led to increased cyber threats to U.S. executives' organizations at a considerably higher rate than non-U.S. executives experienced.

Thankfully, there are consensus-developed security recommendations and tools available to help automate the process. The CIS Benchmarks are free configuration recommendations, with more than 100 CIS Benchmarks available across 25+ vendor product families.

Managing the security of your third parties is crucial, but security assessments are riddled with problems, including a lack of context, scalability and relevance. In this comprehensive guide, we provide the direction you need to make your organization's third-party security program efficient and scalable.

Cybersecurity researchers on Wednesday took the wraps off a "simple yet remarkable" malware loader for malicious Windows binaries targeting Central Europe, North America and the Middle East....

Malicious actors have yet again published two more typosquatted libraries to the official NPM repository that mimic a legitimate package from Roblox, the game company, with the goal of...

Big Sur gets a version bump to 11.6.1, while Catalina gets an old-version-style patch labelled Security Update 2021-007, but no version number change. Importantly, these updates retrofit the iOS 15.0.2 patch to the Watch and TV product lines.

The flaw, found in the Hashthemes Demo Importer plugin, allows any authenticated user to exsanguinate a vulnerable WordPress site, deleting nearly all database content and uploaded media. Researchers have discovered a homicidal WordPress plugin that allows subscribers to wipe sites clean of content.

Security firm Sonatype on Wednesday said it had spotted two related malicious NPM libraries that were named so they might be mistaken for a popular legitimate module that serves as a Roblox API wrapper. Js, a Roblox game API wrapper available on NPM and as a standalone download. Roblox is a gaming platform with more than 40 million daily active users.

The Grief ransomware gang claims to have attacked the National Rifle Association and released stolen data as proof of the attack. Today, the ransomware gang added the NRA as a new victim on their data leak site while displaying screenshots of Excel spreadsheets containing US tax information and investment amounts.

The uptick in ransomware attacks reflects what organizations have to lose, and as mentioned, it's not just access to their mission-critical data. Think about the fact that companies that are victims of ransomware attacks can suffer days or weeks of downtime that not only render them incapable of conducting core business functions, but also cause inconveniences and additional risk for customers.